Dependencies

[tianon]

Here's where we sit now on image sizes:

$ docker images docker | sed 's/  +/\t/' | column -t -s $'\t'
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
docker              1-dind              51f44a8a42de        13 minutes ago      249.2 MB
docker              1.6-dind            51f44a8a42de        13 minutes ago      249.2 MB
docker              dind                51f44a8a42de        13 minutes ago      249.2 MB
docker              1.6.0-dind          51f44a8a42de        13 minutes ago      249.2 MB
docker              1.6                 12535bffb129        13 minutes ago      249.2 MB
docker              1                   12535bffb129        13 minutes ago      249.2 MB
docker              1.6.0               12535bffb129        13 minutes ago      249.2 MB
docker              latest              12535bffb129        13 minutes ago      249.2 MB

Most of this is due to installing all the dependencies of running Docker as a daemon even in the non-dind images:

# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
RUN apt-get update && apt-get install -y \
        curl \
        \
        aufs-tools \
        btrfs-tools \
        ca-certificates \
        e2fsprogs \
        git \
        iptables \
        lxc \
        procps \
        xz-utils \
    --no-install-recommends && rm -rf /var/lib/apt/lists/*

It seems like it'd be worthwhile to only install the daemon-specific dependencies in the dind image. I think we need to play with some size comparisons to see what that actually looks like / saves us, though.

[tianon]

211.3 MB

diff --git a/Dockerfile b/Dockerfile
index 885c2f1..d059652 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,15 +4,8 @@ FROM debian:jessie
 RUN apt-get update && apt-get install -y \
        curl \
        \
-       aufs-tools \
-       btrfs-tools \
        ca-certificates \
-       e2fsprogs \
        git \
-       iptables \
-       lxc \
-       procps \
-       xz-utils \
    --no-install-recommends && rm -rf /var/lib/apt/lists/*

 ENV DOCKER_BUCKET get.docker.com

Is it worthwhile to beef up our Dockerfiles in order to save ~37.9 MB for the client-only case?

[tianon]

Oh, and git with --no-install-recommends means we have no ssh-client, so the main reason for having the client invoke git goes out the window, and we should either add ssh-client or remove git.

[tianon]

Down to 210.8 MB with:

diff --git a/Dockerfile b/Dockerfile
index 885c2f1..a91e266 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,23 +2,17 @@ FROM debian:jessie

 # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
 RUN apt-get update && apt-get install -y \
-       curl \
-       \
-       aufs-tools \
-       btrfs-tools \
        ca-certificates \
-       e2fsprogs \
        git \
-       iptables \
-       lxc \
-       procps \
-       xz-utils \
    --no-install-recommends && rm -rf /var/lib/apt/lists/*

 ENV DOCKER_BUCKET get.docker.com
 ENV DOCKER_VERSION 1.6.0
 ENV DOCKER_SHA256 526fbd15dc6bcf2f24f99959d998d080136e290bbb017624a5a3821b63916ae8

-RUN curl -fL "https://${DOCKER_BUCKET}/builds/Linux/x86_64/docker-$DOCKER_VERSION" -o /usr/local/bin/docker \
+RUN set -x \
+   && apt-get update && apt-get install -y --no-install-recommends curl && rm -rf /var/lib/apt/lists/* \
+   && curl -fL "https://${DOCKER_BUCKET}/builds/Linux/x86_64/docker-$DOCKER_VERSION" -o /usr/local/bin/docker \
    && echo "${DOCKER_SHA256}  /usr/local/bin/docker" | sha256sum -c - \
-   && chmod +x /usr/local/bin/docker
+   && chmod +x /usr/local/bin/docker \
+   && apt-get purge --auto-remove -y curl

(which is definitely not worthwhile)

[tianon]

I guess there is something to be said for the "cool factor" of being able to do something like:

$ docker run --rm \
    --link some-docker:docker \
    docker \
    docker -H tcp://docker:2375 build https://github.com/some/repo.git

Which makes me wonder if our non-dind image ought to have an entrypoint that detects --link something:docker and sets DOCKER_HOST to be tcp://docker:2375 automatically.

[tianon]

154.7 MB from:

diff --git a/Dockerfile b/Dockerfile
index 885c2f1..457e391 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,16 +3,7 @@ FROM debian:jessie
 # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
 RUN apt-get update && apt-get install -y \
        curl \
-       \
-       aufs-tools \
-       btrfs-tools \
        ca-certificates \
-       e2fsprogs \
-       git \
-       iptables \
-       lxc \
-       procps \
-       xz-utils \
    --no-install-recommends && rm -rf /var/lib/apt/lists/*

 ENV DOCKER_BUCKET get.docker.com

(but any git-needing docker invocations will fail)

[tianon]

That dramatic change from our original 249.2 MB down to this 154.7 MB makes me think that maybe we should have a separate git variant that just includes git (and could then even include ssh-client). Then our dind version would be slightly smaller too, since the daemon doesn't actually need git anymore, technically (unless it's doing a build for an older client...)

[tianon]

This is actually dramatic enough that I'm tempted:
(this includes removing lxc from dind too... hope nobody minds 👼)

$ docker images docker | sed 's/  +/\t/' | column -t -s $'\t'
REPOSITORY          TAG                 IMAGE ID            CREATED              VIRTUAL SIZE
docker              dind                8e8f85808b5f        29 seconds ago       162.6 MB
docker              git                 b49344a4e51a        About a minute ago   215.8 MB
docker              1.6.0               d5878f76078d        26 minutes ago       154.7 MB
$ # for scale:
$ docker images debian | sed 's/  +/\t/' | column -t -s $'\t'
....
debian              jessie              41b730702607        2 days ago           125.1 MB
...

diff --git a/Dockerfile b/Dockerfile
index 885c2f1..457e391 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,16 +3,7 @@ FROM debian:jessie
 # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
 RUN apt-get update && apt-get install -y \
        curl \
-       \
-       aufs-tools \
-       btrfs-tools \
        ca-certificates \
-       e2fsprogs \
-       git \
-       iptables \
-       lxc \
-       procps \
-       xz-utils \
    --no-install-recommends && rm -rf /var/lib/apt/lists/*

 ENV DOCKER_BUCKET get.docker.com
diff --git a/dind/Dockerfile b/dind/Dockerfile
index 0df3c2b..690d1d3 100644
--- a/dind/Dockerfile
+++ b/dind/Dockerfile
@@ -1,5 +1,18 @@
 FROM docker:1.6.0

+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
+RUN apt-get update && apt-get install -y \
+       aufs-tools \
+       btrfs-tools \
+       e2fsprogs \
+       iptables \
+       procps \
+       xz-utils \
+   --no-install-recommends && rm -rf /var/lib/apt/lists/*
+
 ENV DIND_COMMIT ac20568b0a62c794c0f1190703f051bd1cfac341

 RUN curl -fL "https://raw.githubusercontent.com/docker/docker/${DIND_COMMIT}/hack/dind" -o /usr/local/sbin/dind \
diff --git a/git/Dockerfile b/git/Dockerfile
new file mode 100644
index 0000000..58aa348
--- /dev/null
+++ b/git/Dockerfile
@@ -0,0 +1,6 @@
+FROM docker:1.6.0
+
+RUN apt-get update && apt-get install -y \
+       git \
+       ssh-client \
+   --no-install-recommends && rm -rf /var/lib/apt/lists/*

[tianon]

For only 10MB, it might be worth re-combining dind and the "client-only" tags again.

[tianon]

So, the reason I liked a separate dind tag was this stuff:

VOLUME /var/lib/docker
EXPOSE 2375

ENTRYPOINT ["dind"]
CMD ["docker", "--daemon", "--host=unix:///var/run/docker.sock", "--host=tcp://0.0.0.0:2375"]

We don't need the VOLUME and the ENTRYPOINT is just noise for running the client (and will falsely accuse you of forgetting --privileged).

[tianon]

We have magic entrypoint scripts now, and are based on alpine so we're super small:

$ docker images docker
REPOSITORY          TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
docker              1.0-git             cef0542223eb        55 minutes ago      42.93 MB
docker              1.0.1-git           cef0542223eb        55 minutes ago      42.93 MB
docker              1.0-dind            e05c6c37102f        55 minutes ago      30.8 MB
docker              1.0.1-dind          e05c6c37102f        55 minutes ago      30.8 MB
docker              1.0                 c5c4836c3c54        55 minutes ago      24.89 MB
docker              1.0.1               c5c4836c3c54        55 minutes ago      24.89 MB
docker              1.1-git             756736260cf5        55 minutes ago      43.03 MB
docker              1.1.2-git           756736260cf5        55 minutes ago      43.03 MB
docker              1.1.2-dind          19e4d2ce8d01        55 minutes ago      30.9 MB
docker              1.1-dind            19e4d2ce8d01        55 minutes ago      30.9 MB
docker              1.1                 f5458d08967f        56 minutes ago      24.99 MB
docker              1.1.2               f5458d08967f        56 minutes ago      24.99 MB
docker              1.2-git             d56107729806        56 minutes ago      38.79 MB
docker              1.2.0-git           d56107729806        56 minutes ago      38.79 MB
docker              1.2-dind            52acfb6d025b        56 minutes ago      26.66 MB
docker              1.2.0-dind          52acfb6d025b        56 minutes ago      26.66 MB
docker              1.2                 dcc0d0fdbdc9        56 minutes ago      20.75 MB
docker              1.2.0               dcc0d0fdbdc9        56 minutes ago      20.75 MB
docker              1.3-git             4bc538f1d3cb        56 minutes ago      39.59 MB
docker              1.3.3-git           4bc538f1d3cb        56 minutes ago      39.59 MB
docker              1.3-dind            fc48e900b4a7        56 minutes ago      27.47 MB
docker              1.3.3-dind          fc48e900b4a7        56 minutes ago      27.47 MB
docker              1.3                 6537c7a13876        57 minutes ago      21.56 MB
docker              1.3.3               6537c7a13876        57 minutes ago      21.56 MB
docker              1.4-git             7ce02706c9e8        About an hour ago   40.01 MB
docker              1.4.1-git           7ce02706c9e8        About an hour ago   40.01 MB
docker              1.4.1-dind          ca49849122de        About an hour ago   27.88 MB
docker              1.4-dind            ca49849122de        About an hour ago   27.88 MB
docker              1.4.1               9d8247effdb8        About an hour ago   21.97 MB
docker              1.4                 9d8247effdb8        About an hour ago   21.97 MB
docker              1.5-git             a82ce2bbe329        About an hour ago   40.4 MB
docker              1.5.0-git           a82ce2bbe329        About an hour ago   40.4 MB
docker              1.5.0-dind          f5169ee5c050        About an hour ago   28.27 MB
docker              1.5-dind            f5169ee5c050        About an hour ago   28.27 MB
docker              1.5.0               0fc58a7fc20a        About an hour ago   22.36 MB
docker              1.5                 0fc58a7fc20a        About an hour ago   22.36 MB
docker              1.6-git             ab710b44d2e8        About an hour ago   40.84 MB
docker              1.6.2-git           ab710b44d2e8        About an hour ago   40.84 MB
docker              1.6.2-dind          1134cd928fc1        About an hour ago   28.71 MB
docker              1.6-dind            1134cd928fc1        About an hour ago   28.71 MB
docker              git                 41c74e6ec596        About an hour ago   41.69 MB
docker              1.7-git             41c74e6ec596        About an hour ago   41.69 MB
docker              1.7.1-git           41c74e6ec596        About an hour ago   41.69 MB
docker              1-git               41c74e6ec596        About an hour ago   41.69 MB
docker              1.7.1-dind          fb1ee6871f46        About an hour ago   29.56 MB
docker              1.7-dind            fb1ee6871f46        About an hour ago   29.56 MB
docker              dind                fb1ee6871f46        About an hour ago   29.56 MB
docker              1-dind              fb1ee6871f46        About an hour ago   29.56 MB
docker              1.7                 5228fb3fd20f        About an hour ago   23.65 MB
docker              1.7.1               5228fb3fd20f        About an hour ago   23.65 MB
docker              latest              5228fb3fd20f        About an hour ago   23.65 MB
docker              1                   5228fb3fd20f        About an hour ago   23.65 MB
docker              1.8.0-rc2-git       7f23a2fc3bf9        About an hour ago   46.98 MB
docker              1.8-rc-git          7f23a2fc3bf9        About an hour ago   46.98 MB
docker              rc-git              7f23a2fc3bf9        About an hour ago   46.98 MB
docker              1.8-rc-dind         2ae42f80f792        About an hour ago   34.85 MB
docker              1.8.0-rc2-dind      2ae42f80f792        About an hour ago   34.85 MB
docker              rc-dind             2ae42f80f792        About an hour ago   34.85 MB
docker              1.8.0-rc2           ca5f4995ef2f        About an hour ago   28.95 MB
docker              rc                  ca5f4995ef2f        About an hour ago   28.95 MB
docker              1.8-rc              ca5f4995ef2f        About an hour ago   28.95 MB
docker              1.6.2               70eb8b2143af        3 hours ago         22.8 MB
docker              1.6                 70eb8b2143af        3 hours ago         22.8 MB